An architecture a day keeps the hacker away

Authors:
David A. Holland;Ada T. Lim;Margo I. Seltzer
Affiliations:
Harvard University;Harvard University;Harvard University
Venue:
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Year:
2005

Citing 10
Cited 3

A formal model and specification language for procedure calling conventions

POPL '95 Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Machine Descriptions to Build Tools for Embedded Systems

LCTES '98 Proceedings of the ACM SIGPLAN Workshop on Languages, Compilers, and Tools for Embedded Systems
Secure Execution via Program Shepherding

Proceedings of the 11th USENIX Security Symposium
Building Diverse Computer Systems

HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Countering code-injection attacks with instruction-set randomization

Proceedings of the 10th ACM conference on Computer and communications security
PointguardTM: protecting pointers from buffer overflow vulnerabilities

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Address obfuscation: an efficient approach to combat a board range of memory error exploits

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7

N-variant IC design: methodology and applications

Proceedings of the 45th annual Design Automation Conference
E unibus pluram: massive-scale software diversity as a defense mechanism

Proceedings of the 2010 workshop on New security paradigms
ChameleonSoft: Software Behavior Encryption for Moving Target Defense

Mobile Networks and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

System security as it is practiced today is a losing battle. In this paper, we outline a possible comprehensive solution for binary-based attacks, using virtual machines, machine descriptions, and randomization to achieve broad heterogeneity at the machine level. This heterogeneity increases the "cost" of broad-based binary attacks to a sufficiently high level that they cease to become feasible. The convergence of several recent technologies appears to make our approach achievable at a reasonable cost, with only moderate run-time overhead.